I just received this stunning, disturbing press release from the CEO and Publisher of AVSIM.com. I’m publishing it here not only to reach my direct audience, but to ensure that it is picked up on MSDN as well. My thoughts are with Tom and my many other friends on the AVSIM staff as they regroup and consider their options.

PRESS RELEASE:

AVSIM Hacked

Tom Allensworth, CEO and Publisher of AVSIM, today issued the following announcement; “We regret to inform the flight simulation community that on Tuesday, May 12, AVSIM was hacked and effectively destroyed. The method of the hack makes recovery difficult, if not impossible, to recover from. Both servers, that is the library / email and web site / forum servers were attacked. AVSIM is totally offline at this time and we expect to be so for some time to come. We are not able to predict when we will be back online, if we can come back at all. We will post more news as we are able to in the coming days and weeks.

4 Responses to AVSIM Hacked

Nick,I don\’t think you\’re oversimplifying. I\’ve read through just about every post at the temporary site that Tom has set up, and can give you some insight into this issue."Backup" is a continual IT process that requires daily interaction. It is probably the least glamorous part of IT, but also the most important. Few companies have any clue how good their backup philosophy and system is until something like this happens because most companies don\’t test their strategy.In the case of AVSIM, there was I gather a general understanding of the important of backing things up and there seems to have been an awareness of the need to have offsite backups. Typically, a company of the size of AVSIM will do tape backups and remove the tapes offsite on a schedule (and I believe this is what they were trying to do).However, that requires someone to be at the tape backup machine every day, performing the vital tasks of checking the backup logs to make sure the backup was actually performed without error, changing the tapes, removing the tapes offsite, performing test restores to validate the process, etc. Like I said … backup is a process that requires professionalism, attention to detail and an understanding that you\’ll never, ever need to restore anything – except of course the day that you don\’t backup? If anything can go wrong, it WILL go wrong, and at the worst possible time.AVSIM is reliant on unpaid volunteers, apparently. And, since you get what you pay for, they\’d been having trouble keeping competent staff. Backups were not being performed professionally. Their temporary solution was to back up one server to the other server; a strategy that has obvious flaws. It\’s debatable whether this sort of a strategy is even worth the effort, since if both servers are compromised (by fire, water, electricity, or disgruntled outside contractors) then you don\’t really have a restore strategy.So, the takeaway is pretty obvious, I think.